Cleanup (no code change): regenerated HTML manpages that
weren't updated because of a simplistic make(1) dependency.
+
+20241010
+
+ Cleanup (no code change): reformatted source files that
+ diverged from Postfix style, complicating code maintenance.
+ The only object file change is in tls_dane.o, because
+ OPENSSL_free() has a line number argument. Other object
+ files are unchanged. Files: bounce/bounce_notify_util_tester.c,
+ bounce/bounce_one_service.c, cleanup/cleanup.c,
+ cleanup/cleanup_api.c, cleanup/cleanup_envelope.c,
+ cleanup/cleanup_out_recipient.c, cleanup/cleanup_rewrite.c,
+ dns/dns.h, dns/dns_lookup.c, dns/dns_rr_filter.c, dns/dns_sec.c,
+ global/bounce_log.h, global/cleanup_user.h, global/clnt_stream.h,
+ global/compat_level.c, global/compat_level.h, global/conv_time.c,
+ global/db_common.h, global/dot_lockfile_as.c,
+ global/header_body_checks.c, global/info_log_addr_form.c,
+ global/is_header.c, global/mail_addr_map.c,
+ global/mail_command_server.c, global/mail_conf.c,
+ global/mail_conf_raw.c, global/mail_conf_str.c, global/mail_copy.c,
+ global/mail_params.c, global/mail_proto.h, global/mail_queue.h,
+ global/mail_trigger.c, global/maillog_client.c,
+ global/mkmap_proxy.c, global/own_inet_addr.c,
+ global/quote_821_local.c, global/quote_821_local.h,
+ global/quote_822_local.c, global/quote_822_local.h,
+ global/rec_type.h, global/recdump.c, global/sent.h,
+ global/server_acl.c, global/smtputf8.c, global/smtputf8.h,
+ global/tok822_tree.c, global/user_acl.h,
+ global/valid_mailhost_addr.c, global/xtext.c, local/alias.c,
+ local/command.c, master/master.c, master/master.h,
+ master/master_listen.c, master/master_proto.h,
+ master/master_service.c, master/master_watch.c, milter/milter8.c,
+ milter/test-milter.c, oqmgr/qmgr_active.c, oqmgr/qmgr_entry.c,
+ pipe/pipe.c, postfix/postfix.c, postscreen/postscreen_dnsbl.c,
+ posttls-finger/posttls-finger.c, qmgr/qmgr_active.c,
+ qmgr/qmgr_entry.c, qmqpd/qmqpd_peer.c, smtp/smtp.h,
+ smtp/smtp_addr.c, smtp/smtp_tlsrpt.c, smtp/smtp_unalias.c,
+ smtpd/smtpd_milter.h, smtpd/smtpd_resolve.h, tls/tls_client.c,
+ tls/tls_dane.c, tls/tls_dh.c, tls/tls_misc.c,
+ tls/tls_proxy_client_print.c, tls/tls_server.c, util/alldig.c,
+ util/argv_split.c, util/balpar.c, util/byte_mask.c,
+ util/cidr_match.h, util/dict.h, util/dict_cdb.h,
+ util/dict_stream.c, util/dup2_pass_on_exec.c, util/duplex_pipe.c,
+ util/exec_command.c, util/find_inet.c, util/format_tv.c,
+ util/hash_fnv.c, util/host_port.c, util/inet_addr_sizes.c,
+ util/inet_connect.c, util/load_file.h, util/load_lib.h,
+ util/mac_expand.h, util/midna_domain.h, util/mkmap_cdb.c,
+ util/mvect.c, util/myaddrinfo.h, util/name_mask.c,
+ util/open_limit.c, util/parse_utf8_char.h, util/posix_signals.c,
+ util/sane_strtol.c, util/set_eugid.c, util/slmdb.c,
+ util/sock_addr.c, util/strcasecmp.c, util/stream_connect.c,
+ util/stream_recv_fd.c, util/stream_test.c,
+ util/unix_dgram_connect.c, util/unix_dgram_listen.c,
+ util/vbuf.c.
Files src tls tls h src tls tls_dh c src tls tls_misc c
proto TLSRPT_README html proto postconf proto smtp smtp c
proto aliases cleanup cleanup c local local c smtpd smtpd c
+ bounce bounce_one_service c cleanup cleanup c
+ dns dns h dns dns_lookup c dns dns_rr_filter c dns dns_sec c
+ local command c master master c master master h
+ pipe pipe c postfix postfix c postscreen postscreen_dnsbl c
+ qmgr qmgr_entry c qmqpd qmqpd_peer c smtp smtp h
if (chdir(var_queue_dir) < 0)
msg_fatal("chdir %s: %m", var_queue_dir);
- bounce_hfrom_format =
+ bounce_hfrom_format =
hfrom_format_parse(VAR_HFROM_FORMAT, var_hfrom_format);
/*
#define SEND_POSTMASTER_SINGLE_BOUNCE_NOTICE (notify_mask & MAIL_ERROR_BOUNCE)
if (bounce_status == 0 && SEND_POSTMASTER_SINGLE_BOUNCE_NOTICE
- && strcasecmp_utf8(orig_sender, mail_addr_double_bounce()) != 0) {
+ && strcasecmp_utf8(orig_sender, mail_addr_double_bounce()) != 0) {
/*
* Send the text with reason for the bounce, and the headers of
/* .IP \(bu
/* Eliminate duplicate envelope recipient addresses.
/* .br
-/* This is enabled with the \fBduplicate_filter_limit\fR
+/* This is enabled with the \fBduplicate_filter_limit\fR
/* parameter setting.
/* .IP \(bu
/* Remove message headers: \fBBcc\fR, \fBContent-Length\fR,
* (mail submitted with the Postfix sendmail command, mail forwarded by
* the local(8) delivery agent, or mail re-queued with "postsuper -r"),
* send a bounce notification, reset the error flags in case of success,
- * and request deletion of the incoming queue file and of the
- * optional DSN SUCCESS records from virtual alias expansion.
+ * and request deletion of the incoming queue file and of the optional
+ * DSN SUCCESS records from virtual alias expansion.
*
* XXX It would make no sense to knowingly report success after we already
* have bounced all recipients, especially because the information in the
return;
}
if (type == REC_TYPE_FROM) {
- off_t after_sender_offs;
+ off_t after_sender_offs;
/* Allow only one instance. */
if (state->sender != 0) {
* in the expansion because that results in multiple verify(8) updates
* for one verify(8) request.
*
- * Multiple verify(8) updates for one verify(8) request would overwrite
- * each other's status, and if the last status update is "undeliverable",
- * then the whole alias is flagged as undeliverable.
+ * Multiple verify(8) updates for one verify(8) request would overwrite each
+ * other's status, and if the last status update is "undeliverable", then
+ * the whole alias is flagged as undeliverable.
*/
else {
RECIPIENT rcpt;
/* cleanup_rewrite_tree - rewrite address node */
-int cleanup_rewrite_tree(const char *context_name, TOK822 *tree)
+int cleanup_rewrite_tree(const char *context_name, TOK822 *tree)
{
VSTRING *dst = vstring_alloc(100);
VSTRING *src = vstring_alloc(100);
unsigned short flags; /* DNS_RR_FLAG_XX, see below */
struct DNS_RR *next; /* linkage */
size_t data_len; /* actual data size */
- char *data; /* a bunch of data */
- /* Add new fields at the end, for ABI forward compatibility. */
+ char *data; /* a bunch of data */
+ /* Add new fields at the end, for ABI forward compatibility. */
} DNS_RR;
#define DNS_RR_FLAG_TRUNCATED (1<<0)
msg_info("frag_len=%d text=\"%.*s\"",
(int) frag_len, (int) frag_len, (char *) src);
if (frag_len > reply->end - src
- || frag_len >= ((unsigned char *) ltemp + sizeof(ltemp)) - dst) {
+ || frag_len >= ((unsigned char *) ltemp + sizeof(ltemp)) - dst) {
msg_warn("extract_answer: bad TXT string length: %d", frag_len);
return (DNS_RETRY);
}
msg_info("ignoring DNS RR: %s", rr_text);
return (0);
} else {
- msg_warn("%s: unknown DNS filter action: \"%s\"",
+ msg_warn("%s: unknown DNS filter action: \"%s\"",
dns_rr_filter_maps->title, cmd);
return (dns_rr_filter_error);
}
default:
if (!DNS_SEC_STATS_TEST(DNS_SEC_FLAG_AVAILABLE))
msg_warn("reason: " VAR_DNSSEC_PROBE
- " '%s' received a response that is not DNSSEC validated",
+ " '%s' received a response that is not DNSSEC validated",
var_dnssec_probe);
if (rrlist)
dns_rr_free(rrlist);
typedef struct {
VSTREAM *fp; /* open file */
VSTRING *buf; /* I/O buffer */
- char *compat_status; /* old logfile compatibility */
- char *compat_action; /* old logfile compatibility */
+ char *compat_status; /* old logfile compatibility */
+ char *compat_action; /* old logfile compatibility */
} BOUNCE_LOG;
extern BOUNCE_LOG *bounce_log_open(const char *, const char *, int, mode_t);
#define CLEANUP_FLAG_AUTOUTF8 (1<<9) /* Autodetect SMTPUTF8 */
#define CLEANUP_FLAG_FILTER_ALL (CLEANUP_FLAG_FILTER | CLEANUP_FLAG_MILTER)
+
/*
* These are normally set when receiving mail from outside.
*/
* External interface.
*/
typedef struct CLNT_STREAM CLNT_STREAM;
-typedef int (*CLNT_STREAM_HANDSHAKE_FN)(VSTREAM *);
+typedef int (*CLNT_STREAM_HANDSHAKE_FN) (VSTREAM *);
extern CLNT_STREAM *clnt_stream_create(const char *, const char *, int, int,
CLNT_STREAM_HANDSHAKE_FN);
* Sanity check.
*/
if (compat_level < 0) {
- msg_fn("%s: bad compatibility level: %ld", myname, compat_level);
- return (0);
+ msg_fn("%s: bad compatibility level: %ld", myname, compat_level);
+ return (0);
}
/*
* Compatibility levels 0..2 have no minor or patch level.
*/
if (buf == 0)
- buf = vstring_alloc(10);
+ buf = vstring_alloc(10);
major = DECODE_MAJOR(compat_level);
if (!GOOD_MAJOR(major)) {
- msg_fn("%s: bad compatibility major level: %ld", myname, compat_level);
- return (0);
+ msg_fn("%s: bad compatibility major level: %ld", myname, compat_level);
+ return (0);
}
vstring_sprintf(buf, "%ld", major);
if (major > 2) {
- /*
- * Expect that major.minor will be common.
- */
- minor = DECODE_MINOR(compat_level);
- vstring_sprintf_append(buf, ".%ld", minor);
-
- /*
- * Expect that major.minor.patch will be rare.
- */
- patch = DECODE_PATCH(compat_level);
- if (patch)
- vstring_sprintf_append(buf, ".%ld", patch);
+ /*
+ * Expect that major.minor will be common.
+ */
+ minor = DECODE_MINOR(compat_level);
+ vstring_sprintf_append(buf, ".%ld", minor);
+
+ /*
+ * Expect that major.minor.patch will be rare.
+ */
+ patch = DECODE_PATCH(compat_level);
+ if (patch)
+ vstring_sprintf_append(buf, ".%ld", patch);
}
return (vstring_str(buf));
}
extern long compat_level_from_numbers(long, long, long,
void PRINTFLIKE(1, 2) (*) (const char *,...));
extern const char *compat_level_to_string(long,
- void PRINTFLIKE(1, 2) (*) (const char *,...));
+ void PRINTFLIKE(1, 2) (*) (const char *,...));
#define compat_level_from_major(major, msg_fn) \
compat_level_from_major_minor((major), 0, (msg_fn))
errno = 0;
intval = longval = strtol(strval, &end, 10);
if (*strval == 0 || errno == ERANGE || longval != intval || intval < 0
- /* || (*end != 0 && end[1] != 0) */)
+ /* || (*end != 0 && end[1] != 0) */ )
return (0);
switch (*end ? *end : def_unit) {
/* DESCRIPTION
/* .nf
*/
-
+
/*
* External interface.
*/
#include "dict.h"
#include "string_list.h"
-typedef void (*db_quote_callback_t)(DICT *, const char *, VSTRING *);
+typedef void (*db_quote_callback_t) (DICT *, const char *, VSTRING *);
extern int db_common_parse(DICT *, void **, const char *, int);
extern void *db_common_alloc(DICT *);
extern void db_common_parse_domain(CFG_PARSER *, void *);
extern int db_common_dict_partial(void *);
extern int db_common_expand(void *, const char *, const char *,
- const char *, VSTRING *, db_quote_callback_t);
+ const char *, VSTRING *, db_quote_callback_t);
extern int db_common_check_domain(void *, const char *);
extern void db_common_free_ctx(void *);
extern void db_common_sql_build_query(VSTRING *query, CFG_PARSER *parser);
/*--*/
#endif
-
/* dot_unlockfile_as - dotlock file as user */
-void dot_unlockfile_as(const char *path, uid_t euid, gid_t egid)
+void dot_unlockfile_as(const char *path, uid_t euid, gid_t egid)
{
uid_t saved_euid = geteuid();
gid_t saved_egid = getegid();
if (STREQUAL(cmd, "IGNORE", cmd_len))
/* XXX Not logged for compatibility with cleanup(8). */
return (HBC_CHECKS_STAT_IGNORE);
-
+
if (STREQUAL(cmd, "DUNNO", cmd_len) /* preferred */
||STREQUAL(cmd, "OK", cmd_len)) /* compatibility */
return ((char *) line);
INFO_LOG_ADDR_FORM_NAME_INTERNAL, INFO_LOG_ADDR_FORM_VAL_INTERNAL,
0, INFO_LOG_ADDR_FORM_VAL_NOT_SET,
};
+
info_log_addr_form_form = name_code(info_log_addr_form_table,
NAME_CODE_FLAG_NONE,
var_info_log_addr_form);
* XXX Don't run off the end in case some non-standard iscntrl()
* implementation considers null a non-control character...
*/
- for (len = 0, state = INIT, cp = CU_CHAR_PTR(str); /* see below */; cp++) {
+ for (len = 0, state = INIT, cp = CU_CHAR_PTR(str); /* see below */ ; cp++) {
if (str_len != IS_HEADER_NULL_TERMINATED && str_len-- <= 0)
return (0);
switch (c = *cp) {
{"\"a@a\"@example.net"}, 1,
},
{
- "12 external -external-> external, extension, propagation",
- "inline:{ aa@example.com=bb@example.com }",
- DO_PROPAGATE_UNMATCHED_EXTENSION, DOT_RECIPIENT_DELIMITER,
- MA_FORM_EXTERNAL, MA_FORM_EXTERNAL, MA_FORM_EXTERNAL,
- "aa.ext@example.com",
- {"bb.ext@example.com"}, 1,
+ "12 external -external-> external, extension, propagation",
+ "inline:{ aa@example.com=bb@example.com }",
+ DO_PROPAGATE_UNMATCHED_EXTENSION, DOT_RECIPIENT_DELIMITER,
+ MA_FORM_EXTERNAL, MA_FORM_EXTERNAL, MA_FORM_EXTERNAL,
+ "aa.ext@example.com",
+ {"bb.ext@example.com"}, 1,
},
0,
};
/* System library. */
#include <sys_defs.h>
-#include <stdlib.h> /* 44BSD stdarg.h uses abort() */
+#include <stdlib.h> /* 44BSD stdarg.h uses abort() */
#include <stdarg.h>
#include <string.h>
/* mail_conf_checkdir - authorize non-default directory */
-void mail_conf_checkdir(const char *config_dir)
+void mail_conf_checkdir(const char *config_dir)
{
VSTRING *buf;
VSTREAM *fp;
/* check_mail_conf_raw - validate string length */
static void check_mail_conf_raw(const char *name, const char *strval,
- int min, int max)
+ int min, int max)
{
ssize_t len = strlen(strval);
/* get_mail_conf_raw - evaluate string-valued configuration variable */
char *get_mail_conf_raw(const char *name, const char *defval,
- int min, int max)
+ int min, int max)
{
const char *strval;
typedef const char *(*stupid_indent_str) (void);
char *get_mail_conf_raw_fn(const char *name, stupid_indent_str defval,
- int min, int max)
+ int min, int max)
{
const char *strval;
if (table->target[0])
myfree(table->target[0]);
table->target[0] = get_mail_conf_raw(table->name, table->defval,
- table->min, table->max);
+ table->min, table->max);
table++;
}
}
if (table->target[0])
myfree(table->target[0]);
table->target[0] = get_mail_conf_raw_fn(table->name, table->defval,
- table->min, table->max);
+ table->min, table->max);
table++;
}
}
/* void check_mail_conf_str(name, strval, min, max)
/* const char *name;
/* const char *strval;
-/* int min;
+/* int min;
/* int max;
/* DESCRIPTION
/* This module implements support for string-valued global
* while fflush and fsync() succeed. Think of remote file systems such as
* AFS that copy the file back to the server upon close. Oh well, no
* point optimizing the error case. XXX On systems that use flock()
- * locking, we must truncate the file before closing it (and losing
- * the exclusive lock).
+ * locking, we must truncate the file before closing it (and losing the
+ * exclusive lock).
*/
read_error = vstream_ferror(src);
write_error = vstream_fflush(dst);
msg_fatal("file %s/%s: parameter %s: user %s has the same"
" user ID %ld as user %s",
var_config_dir, MAIN_CONF_FILE,
- VAR_MAIL_OWNER, var_mail_owner,
+ VAR_MAIL_OWNER, var_mail_owner,
(long) var_owner_uid, pwd->pw_name);
}
msg_fatal("file %s/%s: parameter %s: group %s has the same"
" group ID %ld as group %s",
var_config_dir, MAIN_CONF_FILE,
- VAR_SGID_GROUP, var_sgid_group,
+ VAR_SGID_GROUP, var_sgid_group,
(long) var_sgid_gid, grp->gr_name);
}
#define MAIL_PROTO_QMQP "QMQP"
/*
- * Names of services: these are the names of the UNIX-domain socket or
- * FIFO that a service listens on.
+ * Names of services: these are the names of the UNIX-domain socket or FIFO
+ * that a service listens on.
*/
#define MAIL_SERVICE_BOUNCE "bounce"
#define MAIL_SERVICE_CLEANUP "cleanup"
* - the inode number (base 51 encoded so that it contains no 'z').
*/
#define MQID_LG_SEC_BASE 52 /* seconds safe alphabet base */
-#define MQID_LG_SEC_PAD 6 /* seconds minimum field width */
+#define MQID_LG_SEC_PAD 6 /* seconds minimum field width */
#define MQID_LG_USEC_BASE 52 /* microseconds safe alphabet base */
#define MQID_LG_USEC_PAD 4 /* microseconds exact field width */
#define MQID_LG_TIME_PAD (MQID_LG_SEC_PAD + MQID_LG_USEC_PAD)
*/
path = mail_pathname(class, service);
if ((status = stat(path, &st)) < 0) {
- msg_warn("unable to look up %s: %m", path);
+ msg_warn("unable to look up %s: %m", path);
} else if (S_ISFIFO(st.st_mode)) {
status = fifo_trigger(path, req_buf, req_len, var_trigger_timeout);
if (status < 0 && S_ISSOCK(st.st_mode))
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240930"
+#define MAIL_RELEASE_DATE "20241010"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT
/*
* var_postlog_service == 0, therefore var_maillog_file == 0.
- * logger_mode == MAILLOG_CLIENT_MODE_POSTLOG && var_maillog_file ==
- * 0, therefore import_service_path != 0.
+ * logger_mode == MAILLOG_CLIENT_MODE_POSTLOG && var_maillog_file
+ * == 0, therefore import_service_path != 0.
*/
service_path = import_service_path;
}
MKMAP *mkmap_proxy_open(const char *unused_path)
{
- MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
+ MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
/*
* Fill in the generic members.
/* own_inet_addr - is this my own internet address */
-int own_inet_addr(struct sockaddr * addr)
+int own_inet_addr(struct sockaddr *addr)
{
int i;
/* proxy_inet_addr - is this my proxy internet address */
-int proxy_inet_addr(struct sockaddr * addr)
+int proxy_inet_addr(struct sockaddr *addr)
{
int i;
VSTRING *quote_821_local_flags(VSTRING *dst, const char *addr, int flags)
{
- const char *at;
+ const char *at;
/*
* According to RFC 821, a local-part is a dot-string or a quoted-string.
* External interface.
*/
extern VSTRING *quote_821_local_flags(VSTRING *, const char *, int);
+
#define quote_821_local(dst, src) \
quote_821_local_flags((dst), (src), QUOTE_FLAG_8BITCLEAN)
flags = quote_flags_from_string(cmd);
quote_822_local_flags(out, bp, flags);
vstream_printf("'%s' quoted flags=%s '%s'\n",
- bp, quote_flags_to_string((VSTRING *) 0, flags), STR(out));
+ bp, quote_flags_to_string((VSTRING *) 0, flags), STR(out));
} else if (strcmp(cmd, "unquote") == 0) {
unquote_822_local(out, bp);
vstream_printf("'%s' unquoted '%s'\n", bp, STR(out));
*/
extern VSTRING *quote_822_local_flags(VSTRING *, const char *, int);
extern VSTRING *unquote_822_local(VSTRING *, const char *);
+
#define quote_822_local(dst, src) \
quote_822_local_flags((dst), (src), QUOTE_FLAG_DEFAULT)
* See also: REC_TYPE_SIZE_FORMAT above.
*/
#define REC_TYPE_PTR_FORMAT "%15ld"
-#define REC_TYPE_PTR_PAYL_SIZE 15 /* Payload only, excludes record header. */
+#define REC_TYPE_PTR_PAYL_SIZE 15 /* Payload only, excludes record
+ * header. */
/*
* Programmatic interface.
while (offset = vstream_ftell(VSTREAM_IN),
((type = rec_get(VSTREAM_IN, buf, 0)) != REC_TYPE_EOF
- && type != REC_TYPE_ERROR)) {
+ && type != REC_TYPE_ERROR)) {
vstream_fprintf(VSTREAM_OUT, "%15s|%4ld|%3ld|%s\n",
rec_type_name(type), offset,
(long) VSTRING_LEN(buf), vstring_str(buf));
*/
#define SENT_FLAG_NONE (0)
-extern int sent(int, const char *, MSG_STATS *, RECIPIENT *, const char *,
- DSN *);
+extern int sent(int, const char *, MSG_STATS *, RECIPIENT *, const char *,
+ DSN *);
/* LICENSE
/* .ad
if (warn_compat_break_mynetworks_style)
server_acl_mynetworks_host =
addr_match_list_init(origin, MATCH_FLAG_RETURN
- | match_parent_style(origin), mynetworks_host());
+ | match_parent_style(origin), mynetworks_host());
}
/* server_acl_parse - parse access list */
#include <vstring_vstream.h>
#include <name_code.h>
#include <split_at.h>
-
+
char *var_server_acl = "";
#define UPDATE_VAR(s,v) do { if (*(s)) myfree(s); (s) = mystrdup(v); } while (0)
/* .IP MAIL_SRC_MASK_FORWARD
/* Local forwarding or aliasing.
/* .IP MAIL_SRC_MASK_BOUNCE
-/* Submission by the bounce(8) daemon.
+/* Submission by the bounce(8) daemon.
/* .IP MAIL_SRC_MASK_NOTIFY
/* Postmaster notification from the smtp(8) or smtpd(8) daemon.
/* .IP MAIL_SRC_MASK_VERIFY
/*
* Avoiding chicken-and-egg problems during the initial SMTPUTF8 roll-out in
* environments with pre-existing mail flows that contain UTF8.
- *
+ *
* Prior to SMTPUTF8, mail flows that contain UTF8 worked because the vast
* majority of MTAs is perfectly capable of handling UTF8 in address
* localparts (and in headers), even if pre-SMTPUTF8 standards do not
* support this practice.
- *
+ *
* When turning on Postfix SMTPUTF8 support for the first time, we don't want
* to suddenly break pre-existing mail flows that contain UTF8 because 1) a
* client does not request SMTPUTF8 support, and because 2) a down-stream
* MTA does not announce SMTPUTF8 support.
- *
+ *
* While 1) is easy enough to avoid (keep accepting UTF8 in address localparts
* just like Postfix has always done), 2) presents a thornier problem. The
* root cause of that problem is the need for SMTPUTF8 autodetection.
- *
+ *
* What is SMTPUTF8 autodetection? Postfix cannot rely solely on the sender's
* declaration that a message requires SMTPUTF8 support, because UTF8 may be
* introduced during local processing (for example, the client hostname in
* incomplete address, address rewriting, alias expansion, automatic BCC
* recipients, local forwarding, and changes made by header checks or Milter
* applications).
- *
+ *
* In summary, after local processing has happened, Postfix may decide that a
* message requires SMTPUTF8 support, even when that message initially did
* not require SMTPUTF8 support. This could make the message undeliverable
* to destinations that do not support SMTPUTF8. In an environment with
* pre-existing mail flows that contain UTF8, we want to avoid disrupting
* those mail flows when rolling out SMTPUTF8 support.
- *
+ *
* For the vast majority of sites, the simplest solution is to autodetect
* SMTPUTF8 support only for Postfix sendmail command-line submissions, at
* least as long as SMTPUTF8 support has not yet achieved wold domination.
- *
+ *
* However, sites that add UTF8 content via local processing (see above) should
* autodetect SMTPUTF8 support for all email.
- *
+ *
* smtputf8_autodetect() uses the setting of the smtputf8_autodetect_classes
* parameter, and the mail source classes defined in mail_params.h.
*/
{
TOK822 *next;
- for (/* void */; tp != 0; tp = next) {
+ for ( /* void */ ; tp != 0; tp = next) {
if (tp->head)
tok822_free_tree(tp->head);
next = tp->next;
/*
* System library
*/
-#include <unistd.h> /* getuid()/geteuid() */
-#include <sys/types.h> /* uid_t */
+#include <unistd.h> /* getuid()/geteuid() */
+#include <sys/types.h> /* uid_t */
/*
* Utility library.
const char *myname = "valid_mailhost_literal";
MAI_HOSTADDR_STR hostaddr;
const char *last;
- size_t address_bytes;
+ size_t address_bytes;
if (*addr != '[') {
if (gripe)
VSTRING_TERMINATE(unquoted);
return (unquoted);
}
+
/* xtext_unquote - quoted data to unquoted */
VSTRING *xtext_unquote(VSTRING *unquoted, const char *quoted)
*
* We cannot do duplicate elimination here. Sendmail compatibility requires
* that we allow multiple deliveries to the same alias, even recursively!
- * For example, we must deliver to mailbox any messages that are addressed
- * to the alias of a user that lists that same alias in her own .forward
- * file. Yuck! This is just an example of some really perverse semantics
- * that people will expect Postfix to implement just like sendmail.
+ * For example, we must deliver to mailbox any messages that are
+ * addressed to the alias of a user that lists that same alias in her own
+ * .forward file. Yuck! This is just an example of some really perverse
+ * semantics that people will expect Postfix to implement just like
+ * sendmail.
*
* We can recognize one special case: when an alias includes its own name,
* deliver to the user instead, just like sendmail. Otherwise, we just
argv_add(env, "ORIGINAL_RECIPIENT", state.msg_attr.rcpt.orig_addr,
ARGV_END);
if (state.request->dsn_envid[0])
- argv_add(env, "ENVID", state.request->dsn_envid, ARGV_END);
+ argv_add(env, "ENVID", state.request->dsn_envid, ARGV_END);
#define EXPORT_REQUEST(name, value) \
if ((value)[0]) argv_add(env, (name), (value), ARGV_END);
/*
* If started from a terminal, get rid of any tty association. This also
- * means that all errors and warnings must go to the syslog daemon.
- * Some new world has no terminals and prefers logging to stdout.
+ * means that all errors and warnings must go to the syslog daemon. Some
+ * new world has no terminals and prefers logging to stdout.
*/
if (master_detach)
for (fd = 0; fd < 3; fd++) {
* when idle for a configurable amount of time, or after servicing a
* configurable number of requests; the master process spawns new processes
* on demand up to a configurable concurrency limit and/or periodically.
- *
+ *
* The canonical service name is what we use internally, so that we correctly
* handle a request to "reload" after someone changes "smtp" into "25".
- *
+ *
* We use the external service name from master.cf when reporting problems, so
* that the user can figure out what we are talking about. Of course we also
* include the canonical service name so that the UNIX-domain smtp service
extern void master_stop_service(MASTER_SERV *);
extern void master_restart_service(MASTER_SERV *, int);
-#define DO_CONF_RELOAD 1 /* config files were reloaded */
-#define NO_CONF_RELOAD 0 /* no config file was reloaded */
+#define DO_CONF_RELOAD 1 /* config files were reloaded */
+#define NO_CONF_RELOAD 0 /* no config file was reloaded */
/*
* master_events.c
set_eugid(var_owner_uid, var_owner_gid);
serv->listen_fd[0] =
LOCAL_LISTEN(serv->name, serv->max_proc > var_proc_limit ?
- serv->max_proc : var_proc_limit, NON_BLOCKING);
+ serv->max_proc : var_proc_limit, NON_BLOCKING);
close_on_exec(serv->listen_fd[0], CLOSE_ON_EXEC);
set_ugid(getuid(), getgid());
break;
/* 111 8th Avenue
/* New York, NY 10011, USA
/*--*/
-
/* master_restart_service() requests all running child processes to
/* commit suicide. The conf_reload argument is either DO_CONF_RELOAD
/* (configuration files were reloaded, re-evaluate the child process
-/* creation policy) or NO_CONF_RELOAD.
+/* creation policy) or NO_CONF_RELOAD.
/* DIAGNOSTICS
/* BUGS
/* SEE ALSO
/*
* Initialize the backed up parameter value, or update it if this
- * parameter supports updates after initialization. Optionally
- * notify the application that this parameter has changed.
+ * parameter supports updates after initialization. Optionally notify
+ * the application that this parameter has changed.
*/
if (wp->backup[0] == 0) {
if (wp->notify != 0)
/*
* Initialize the backed up parameter value, or update if it this
- * parameter supports updates after initialization. Optionally
- * notify the application that this parameter has changed.
+ * parameter supports updates after initialization. Optionally notify
+ * the application that this parameter has changed.
*/
if ((wp->flags & MASTER_WATCH_FLAG_ISSET) == 0) {
if (wp->notify != 0)
if (edit_resp == 0)
edit_resp = parent->repl_body(parent->chg_context,
MILTER_BODY_END,
- /* unused*/ 0,
+ /* unused */ 0,
(VSTRING *) 0);
body_edit_lockout = 1;
vstring_free(body_line_buf);
body_line_buf = vstring_alloc(var_line_limit);
edit_resp = parent->repl_body(parent->chg_context,
MILTER_BODY_START,
- /* unused */ 0,
+ /* unused */ 0,
(VSTRING *) 0);
}
/* Extract lines from the on-the-wire CRLF format. */
}
}
-static sfsistat test_connect(SMFICTX *ctx, char *name, struct sockaddr * sa)
+static sfsistat test_connect(SMFICTX *ctx, char *name, struct sockaddr *sa)
{
const char *print_addr;
char buf[BUFSIZ];
*/
#define QMGR_FLUSH_AFTER (QMGR_FLUSH_EACH | QMGR_FLUSH_DFXP)
#define MAYBE_FLUSH_AFTER(mode) \
- (((mode) & MAIL_QUEUE_STAT_UNTHROTTLE) ? QMGR_FLUSH_AFTER : 0)
+ (((mode) & MAIL_QUEUE_STAT_UNTHROTTLE) ? QMGR_FLUSH_AFTER : 0)
#define MAYBE_FORCE_EXPIRE(mode) \
(((mode) & MAIL_QUEUE_STAT_EXPIRE) ? QMGR_FORCE_EXPIRE : 0)
#define MAYBE_UPDATE_MODE(mode) \
*
* XXX At this point in the code, the busy reference count is still less
* than the concurrency limit (otherwise this code would not be invoked
- * in the first place) so we have to make some awkward adjustments
- * below.
+ * in the first place) so we have to make some awkward adjustments below.
*
* XXX The queue length test below looks at the active queue share of an
* individual destination. This catches the case where mail for one
#define PIPE_DICT_SASL_USERNAME "sasl_username" /* key */
#define PIPE_DICT_SASL_SENDER "sasl_sender" /* key */
#define PIPE_DICT_QUEUE_ID "queue_id" /* key */
-#define PIPE_DICT_ENVID "envid" /* key */
+#define PIPE_DICT_ENVID "envid" /* key */
/*
* Flags used to pass back the type of special parameter found by
/* when running as PID 1.
/* This command requires that multi-instance support is
/* disabled (i.e. the multi_instance_directories parameter
-/* value must be empty).
+/* value must be empty).
/*
/* When running Postfix inside a container, see MAILLOG_README
/* for logging to stdout. Postfix logs to syslog by default,
int weight;
HTABLE_INFO *ht;
char *parse_err;
- const char *safe_dnsbl;
+ const char *safe_dnsbl;
/*
* Parse the required DNSBL domain name, the optional reply filter and
state->tls_context = tls_proxy_context_receive(state->stream);
if (state->tls_context) {
if (state->log_mask &
- (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) {
+ (TLS_LOG_CERTMATCH | TLS_LOG_VERBOSE | TLS_LOG_PEERCERT)) {
if (state->tls_context->stoc_rpk)
msg_info("%s: pkey_fingerprint=%s", state->namaddrport,
state->tls_context->peer_pkey_fprint);
int smtp_mode = 1;
/*
- * DANE match names are configured late, once the TLSA records are in hand.
- * For now, prepare to fall back to "secure".
+ * DANE match names are configured late, once the TLSA records are in
+ * hand. For now, prepare to fall back to "secure".
*/
switch (state->level) {
default:
*/
#define QMGR_FLUSH_AFTER (QMGR_FLUSH_EACH | QMGR_FLUSH_DFXP)
#define MAYBE_FLUSH_AFTER(mode) \
- (((mode) & MAIL_QUEUE_STAT_UNTHROTTLE) ? QMGR_FLUSH_AFTER : 0)
+ (((mode) & MAIL_QUEUE_STAT_UNTHROTTLE) ? QMGR_FLUSH_AFTER : 0)
#define MAYBE_FORCE_EXPIRE(mode) \
(((mode) & MAIL_QUEUE_STAT_EXPIRE) ? QMGR_FORCE_EXPIRE : 0)
#define MAYBE_UPDATE_MODE(mode) \
*
* XXX At this point in the code, the busy reference count is still less
* than the concurrency limit (otherwise this code would not be invoked
- * in the first place) so we have to make some awkward adjustments
- * below.
+ * in the first place) so we have to make some awkward adjustments below.
*
* XXX The queue length test below looks at the active queue share of an
* individual destination. This catches the case where mail for one
/*
* Following RFC 2821 section 4.1.3, an IPv6 address literal gets
* a prefix of 'IPv6:'. We do this consistently for all IPv6
- * addresses that appear in headers or envelopes. The fact
- * that valid_mailhost_addr() enforces the form helps of course.
- * We use the form without IPV6: prefix when doing access
- * control, or when accessing the connection cache.
+ * addresses that appear in headers or envelopes. The fact that
+ * valid_mailhost_addr() enforces the form helps of course. We
+ * use the form without IPV6: prefix when doing access control,
+ * or when accessing the connection cache.
*/
else {
state->addr = mystrdup(client_addr.buf);
(session->expire_time = (when))
/*
- * Encapsulate the following so that we don't expose details of
- * connection management and error handling to the SMTP protocol engine.
+ * Encapsulate the following so that we don't expose details of connection
+ * management and error handling to the SMTP protocol engine.
*/
#ifdef USE_SASL_AUTH
#define HAVE_SASL_CREDENTIALS \
msg_fatal("host %s: conversion error for address family "
"%d: %m", host, res0->ai_addr->sa_family);
addr_list = dns_rr_append(addr_list, addr);
- if (DNS_RR_IS_TRUNCATED(addr_list))
+ if (DNS_RR_IS_TRUNCATED(addr_list))
break;
if (msg_verbose) {
MAI_HOSTADDR_STR hostaddr_str;
/*
* Only if we're not falling back.
- */
+ */
else {
*found_myself |= (self != 0);
}
/* rpt_socket_name= */ var_smtp_tlsrpt_sockname,
/* rpt_policy_domain= */ adomain,
/* rpt_policy_string= */ rr->data,
- /* skip_reused_hs = */ var_smtp_tlsrpt_skip_reused_hs);
+ /* skip_reused_hs = */ var_smtp_tlsrpt_skip_reused_hs);
dns_rr_free(rr);
} else {
if (msg_verbose)
if ((result = htable_find(cache, name)) == 0) {
fqdn = vstring_alloc(10);
if (dns_lookup_l(name, smtp_unalias_flags, (DNS_RR **) 0, fqdn,
- (VSTRING *) 0, DNS_REQ_FLAG_NONE, T_MX, T_A,
+ (VSTRING *) 0, DNS_REQ_FLAG_NONE, T_MX, T_A,
#ifdef HAS_IPV6
- T_AAAA,
+ T_AAAA,
#endif
- 0) != DNS_OK)
+ 0) != DNS_OK)
vstring_strcpy(fqdn, name);
htable_enter(cache, name, result = vstring_export(fqdn));
}
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
-
* External interface.
*/
extern void smtpd_resolve_init(int);
-extern const RESOLVE_REPLY *smtpd_resolve_addr(const char*, const char *);
+extern const RESOLVE_REPLY *smtpd_resolve_addr(const char *, const char *);
/* LICENSE
/* .ad
}
/*
- * Enable support for client->server raw public keys, provided we actually
- * have keys to send. They'll only be used if the server also enables
- * client RPKs.
- *
+ * Enable support for client->server raw public keys, provided we
+ * actually have keys to send. They'll only be used if the server also
+ * enables client RPKs.
+ *
* XXX: When the server requests client auth, the TLS 1.2 protocol does not
* provide an unambiguous mechanism for the client to not send an RPK (as
* it can with client X.509 certs or TLS 1.3). This is why we don't just
* enable client RPK also with no keys in hand.
- *
+ *
* A very unlikely scenario is that the server allows clients to not send
- * keys, but only accepts keys for a set of algorithms we don't have. Then
- * we still can't send a key, but have agreed to RPK. OpenSSL will attempt
- * to send an empty RPK even with TLS 1.2 (and will accept such a message),
- * but other implementations may be more strict.
- *
+ * keys, but only accepts keys for a set of algorithms we don't have.
+ * Then we still can't send a key, but have agreed to RPK. OpenSSL will
+ * attempt to send an empty RPK even with TLS 1.2 (and will accept such a
+ * message), but other implementations may be more strict.
+ *
* We could limit client RPK support to connections that support only TLS
* 1.3 and up, but that's practical only decades in the future, and the
* risk scenario is contrived and very unlikely.
*/
if (SSL_CTX_get0_certificate(client_ctx) != NULL &&
- SSL_CTX_get0_privatekey(client_ctx) != NULL)
- tls_enable_client_rpk(client_ctx, NULL);
+ SSL_CTX_get0_privatekey(client_ctx) != NULL)
+ tls_enable_client_rpk(client_ctx, NULL);
/*
* With OpenSSL 1.0.2 and later the client EECDH curve list becomes
* configurable with the preferred curve negotiated via the supported
- * curves extension. With OpenSSL 3.0 and TLS 1.3, the same applies
- * to the FFDHE groups which become part of a unified "groups" list.
+ * curves extension. With OpenSSL 3.0 and TLS 1.3, the same applies to
+ * the FFDHE groups which become part of a unified "groups" list.
*/
tls_auto_groups(client_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
msg_warn("malformed fingerprint value: %.384s", values->argv[i]);
continue;
}
-
#define USTR_LEN(raw) (unsigned char *) STR(raw), VSTRING_LEN(raw)
/*
* some other cert digest). No such attacks are known at this time,
* and it is expected that if any are found they would work within as
* well as across the cert/pkey data types.
- *
+ *
* That said, when `pkey_only` is true, we match only public keys.
*
* The private-use matching type "255" is mapped to the configured
tlsa_info("fingerprint", "digest as private-use TLSA record",
3, 0, 255, USTR_LEN(raw));
}
-
/* The public key match is unconditional */
dane->tlsa = tlsa_prepend(dane->tlsa, 3, 1, 255, USTR_LEN(raw));
if (log_mask & (TLS_LOG_VERBOSE | TLS_LOG_DANE))
tp->mtype, tp->data, tp->length);
if (ret > 0) {
++usable;
+
/*
* Disable use of RFC7250 raw public keys if any TLSA record
- * depends on X.509 certificates. Only DANE-EE(3) SPKI(1) records
- * can get by with just a public key.
+ * depends on X.509 certificates. Only DANE-EE(3) SPKI(1)
+ * records can get by with just a public key.
*/
if (tp->usage != DNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE
|| tp->selector != DNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO)
/* ------------------------------------- Common API */
#define AG_STAT_OK (0)
-#define AG_STAT_NO_GROUP (-1) /* no usable group, may retry */
-#define AG_STAT_NO_RETRY (-2) /* other error, don't retry */
+#define AG_STAT_NO_GROUP (-1) /* no usable group, may retry */
+#define AG_STAT_NO_RETRY (-2) /* other error, don't retry */
static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
- const char *eecdh,
+ const char *eecdh,
const char *ffdhe)
{
#ifndef OPENSSL_NO_ECDH
tls_print_errors();
return (AG_STAT_NO_RETRY);
}
-
if (!names)
names = vstring_alloc(sizeof DEF_TLS_EECDH_AUTO +
sizeof DEF_TLS_FFDHE_AUTO);
VSTRING_RESET(names);
+
/*
* OpenSSL does not tolerate duplicate groups in the requested list.
* Deduplicate case-insensitively, just in case OpenSSL some day supports
- * case-insensitive group lookup. Deduplicate only verified extant groups
- * we're going to ask OpenSSL to use.
- *
+ * case-insensitive group lookup. Deduplicate only verified extant
+ * groups we're going to ask OpenSSL to use.
+ *
* OpenSSL 3.3 supports "?<name>" as a syntax for optionally ignoring
* unsupported groups, so we could skip checking against the throw-away
* CTX when linked against 3.3 or higher, but the cost savings don't
SETUP_AG_RETURN(AG_STAT_NO_GROUP);
}
for (; group != 0; group = mystrtok(&groups, GROUPS_SEP)) {
+
/*
* Validate the group name by trying it as the group for a throw-away
- * SSL context. This way, we can ask for new groups that may not yet be
- * supported by the underlying OpenSSL runtime. Unsupported groups are
- * silently ignored.
+ * SSL context. This way, we can ask for new groups that may not yet
+ * be supported by the underlying OpenSSL runtime. Unsupported
+ * groups are silently ignored.
*/
ERR_set_mark();
if (SSL_CTX_set1_curves_list(tmpctx, group) > 0 &&
* group selection is mere performance tuning and not security critical.
* All the groups supported for negotiation should be strong enough.
*/
- for (origin = "configured"; /* void */ ; /* void */) {
+ for (origin = "configured"; /* void */ ; /* void */ ) {
switch (setup_auto_groups(ctx, origin, eecdh, ffdhe)) {
case AG_STAT_OK:
return;
}
/*
- * On the client side, a TLS 1.3 KEM has no server key, just ciphertext to
- * decapsulate, but, as of OpenSSL 3.0, the client can still obtain the
- * negotiated group name directly. We nevertheless still try to get the
- * group details from the peer key first, which works with OpenSSL 1.1.1
- * and retains the original output format for the (EC)DH groups.
+ * On the client side, a TLS 1.3 KEM has no server key, just ciphertext
+ * to decapsulate, but, as of OpenSSL 3.0, the client can still obtain
+ * the negotiated group name directly. We nevertheless still try to get
+ * the group details from the peer key first, which works with OpenSSL
+ * 1.1.1 and retains the original output format for the (EC)DH groups.
*/
if (!kex_name)
kex_name = TLS_GROUP_NAME(ssl);
ctx->srvr_sig_name);
if (ctx->srvr_sig_curve && *ctx->srvr_sig_curve)
vstring_sprintf_append(msg, " (%s%s)", ctx->srvr_sig_curve,
- ctx->stoc_rpk ? " raw public key" : "");
+ ctx->stoc_rpk ? " raw public key" : "");
else if (ctx->srvr_sig_bits > 0)
vstring_sprintf_append(msg, " (%d bit%s)", ctx->srvr_sig_bits,
- ctx->stoc_rpk ? " raw public key" : "s");
+ ctx->stoc_rpk ? " raw public key" : "s");
else if (ctx->stoc_rpk)
vstring_sprintf_append(msg, " (raw public key)");
if (ctx->srvr_sig_dgst && *ctx->srvr_sig_dgst)
ctx->clnt_sig_name);
if (ctx->clnt_sig_curve && *ctx->clnt_sig_curve)
vstring_sprintf_append(msg, " (%s%s)", ctx->clnt_sig_curve,
- ctx->ctos_rpk ? " raw public key" : "");
+ ctx->ctos_rpk ? " raw public key" : "");
else if (ctx->clnt_sig_bits > 0)
vstring_sprintf_append(msg, " (%d bit%s)", ctx->clnt_sig_bits,
- ctx->ctos_rpk ? " raw public key" : "s");
+ ctx->ctos_rpk ? " raw public key" : "s");
else if (ctx->ctos_rpk)
vstring_sprintf_append(msg, " (raw public key)");
if (ctx->clnt_sig_dgst && *ctx->clnt_sig_dgst)
* later minor numbers starting with 3.0.0.
*/
if (hdr_info.major >= 3) {
- warn_compat = lib_info.major != hdr_info.major
- || lib_info.minor < hdr_info.minor;
+ warn_compat = lib_info.major != hdr_info.major
+ || lib_info.minor < hdr_info.minor;
} else if (hdr_info.major == 1 && hdr_info.minor != 0) {
- warn_compat = lib_info.major != hdr_info.major
- || lib_info.minor != hdr_info.minor
- || lib_info.micro < hdr_info.micro;
+ warn_compat = lib_info.major != hdr_info.major
+ || lib_info.minor != hdr_info.minor
+ || lib_info.micro < hdr_info.micro;
} else {
- warn_compat = lib_info.major != hdr_info.major
- || lib_info.minor != hdr_info.minor
- || lib_info.micro != hdr_info.micro;
+ warn_compat = lib_info.major != hdr_info.major
+ || lib_info.minor != hdr_info.minor
+ || lib_info.micro != hdr_info.micro;
}
if (warn_compat)
msg_warn("run-time library vs. compile-time header version mismatch: "
(const void *) props->tlsrpt),
#endif
SEND_ATTR_STR(TLS_ATTR_FFAIL_TYPE,
- STRING_OR_EMPTY(props->ffail_type)),
+ STRING_OR_EMPTY(props->ffail_type)),
ATTR_TYPE_END);
/* Do not flush the stream. */
if (msg_verbose)
static const char server_session_id_context[] = "Postfix/TLS";
#ifndef OPENSSL_NO_TLSEXT
+
/*
* We retain the cipher handle for the lifetime of the process.
*/
static const EVP_CIPHER *tkt_cipher;
+
#endif
#define GET_SID(s, v, lptr) ((v) = SSL_SESSION_get_id((s), (lptr)))
tls_tmp_dh(sni_ctx, 1);
/*
- * Enable EECDH if available, errors are not fatal, we just keep going with
- * any remaining key-exchange algorithms. With OpenSSL 3.0 and TLS 1.3,
- * the same applies to the FFDHE groups which become part of a unified
- * "groups" list.
+ * Enable EECDH if available, errors are not fatal, we just keep going
+ * with any remaining key-exchange algorithms. With OpenSSL 3.0 and TLS
+ * 1.3, the same applies to the FFDHE groups which become part of a
+ * unified "groups" list.
*/
tls_auto_groups(server_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
tls_auto_groups(sni_ctx, var_tls_eecdh_auto, var_tls_ffdhe_auto);
}
/*
- * When encryption is mandatory use the 80-bit plus OpenSSL security level.
+ * When encryption is mandatory use the 80-bit plus OpenSSL security
+ * level.
*/
if (props->requirecert)
SSL_set_security_level(TLScontext->con, 1);
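Review bot: The rewrapped comment above `if (props->requirecert)` says the security level is raised "when encryption is mandatory", but the condition it documents tests `requirecert`, which by its name is about requiring a peer certificate. Unless the two are tied together elsewhere in the file, which this hunk does not show, the comment should describe the condition actually tested, for example `/* When a peer certificate is required, use OpenSSL security level 1 (80-bit plus). */`. A comment that misstates when a TLS strength floor applies is easy to take at face value in a later audit. The enclosing function starts and ends outside the hunk.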
* way to associate DANE TLSA RRs with clients just yet, we just
* make the fingerprint available to the access(5) layer.
*/
- TLScontext->peer_status |= TLS_CRED_FLAG_RPK;
+ TLScontext->peer_status |= TLS_CRED_FLAG_RPK;
TLScontext->peer_pkey_fprint =
tls_pkey_fprint(pkey, TLScontext->mdalg);
if (TLScontext->log_mask & (TLS_LOG_VERBOSE | TLS_LOG_PEERCERT))
/* allalnum - return true if string is all alphanum */
-int allalnum(const char *string)
+int allalnum(const char *string)
{
const char *cp;
if (*string == 0)
- return (0);
+ return (0);
for (cp = string; *cp != 0; cp++)
- if (!ISALNUM(*cp))
- return (0);
+ if (!ISALNUM(*cp))
+ return (0);
return (1);
}
/* input after at most \fIcount\fR -1 times and leaves the
/* remainder, if any, in the last array element. It is an error
/* to specify a count < 1.
-/*
+/*
/* argv_split_append() performs the same operation as argv_split(),
/* but appends the result to an existing string array.
/* SEE ALSO
/* const char *string;
/* const char *parens;
/* DESCRIPTION
-/* balpar() determines the length of a string enclosed in
+/* balpar() determines the length of a string enclosed in
/* the specified parentheses, zero in case of error.
/* SEE ALSO
/* A balpar() routine appears in Brian W. Kernighan, P.J. Plauger:
vstream_printf("%s -> 0x%x -> %s\n",
STR(in_buf), demo_mask,
demo_str ? demo_str : "(null)");
- demo_mask <<=1;
+ demo_mask <<= 1;
demo_str = str_byte_mask_opt(out_buf, "mask", demo_table,
demo_mask, out_feature_mask);
vstream_printf("0x%x -> %s\n",
* strings should be.
*/
#ifdef HAS_IPV6
-# define CIDR_MATCH_ABYTES MAI_V6ADDR_BYTES
+#define CIDR_MATCH_ABYTES MAI_V6ADDR_BYTES
#else
-# define CIDR_MATCH_ABYTES MAI_V4ADDR_BYTES
+#define CIDR_MATCH_ABYTES MAI_V4ADDR_BYTES
#endif
/*
* dict_stream(3)
*/
extern VSTREAM *dict_stream_open(const char *dict_type, const char *mapname,
- int open_flags, int dict_flags, struct stat * st, VSTRING **why);
+ int open_flags, int dict_flags, struct stat * st, VSTRING **why);
/* LICENSE
/* .ad
/* New York, NY 10011, USA
/*--*/
-#endif /* _DICT_CDB_H_INCLUDED_ */
+#endif /* _DICT_CDB_H_INCLUDED_ */
/* content as specified above.
/* .IP st
/* File metadata with the file owner, or fake metadata with the
-/* real UID and GID of the dict_stream_open() caller. This is
+/* real UID and GID of the dict_stream_open() caller. This is
/* used for "taint" tracking (zero=trusted, non-zero=untrusted).
/* IP why
/* Pointer to pointer to error message storage. dict_stream_open()
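Review bot: The manpage comment line `/* IP why` is missing the leading dot that the preceding `.IP st` entry has. Without it the formatter will presumably treat "IP why" as ordinary text and run the `why` description into the `st` paragraph. Since this hunk already touches the block, the line should read `/* .IP why`. The comment block continues outside the hunk.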
DO((res = fcntl(3, F_GETFD, 0)));
if (res & 1)
printf(
-"Yes, a newly dup2()ed file-descriptor has the close-on-exec \
+ "Yes, a newly dup2()ed file-descriptor has the close-on-exec \
flag cloned.\n\
THIS VIOLATES Posix1003.1 section 6.2.1.2 or 6.5.2.2!\n\
You should #define DUP2_DUPS_CLOSE_ON_EXEC in sys_defs.h \
for your OS.\n");
else
printf(
-"No, a newly dup2()ed file-descriptor has the close-on-exec \
+ "No, a newly dup2()ed file-descriptor has the close-on-exec \
flag cleared.\n\
This complies with Posix1003.1 section 6.2.1.2 and 6.5.2.2!\n");
return (sane_socketpair(AF_UNIX, SOCK_STREAM, 0, fds));
#endif
}
-
&& command[strspn(command, SPACE_TAB)] != 0) {
/*
- * No shell meta characters found, so we can try to avoid the overhead
- * of running a shell. Just split the command on whitespace and exec
- * the result directly.
+ * No shell meta characters found, so we can try to avoid the
+ * overhead of running a shell. Just split the command on whitespace
+ * and exec the result directly.
*/
argv = argv_split(command, SPACE_TAB);
(void) execvp(argv->argv[0], argv->argv);
},
};
-int main(int argc, char **argv) {
+int main(int argc, char **argv)
+{
struct test_case *tp;
struct association *ap;
int pass = 0;
/* The maximal number of all digits after the decimal point.
/* Specify a number in the range 0..6.
/* LICENSE
-/* .ad
+/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this
/* software.
test_failed = 0;
if ((hval = hash_fnvz(tp->str)) != tp->hval) {
msg_warn("hash_fnv(\"%s\") want %lu, got: %lu",
- tp->str, (unsigned long) tp->hval,
- (unsigned long) hval);
+ tp->str, (unsigned long) tp->hval,
+ (unsigned long) hval);
test_failed = 1;
}
if (test_failed) {
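Review bot: The warning text in this test names `hash_fnv` while the call being checked is `hash_fnvz(tp->str)`, so a failure report points at the wrong function. If the two are distinct entry points, which the hunk does not show, the message should read `msg_warn("hash_fnvz(\"%s\") want %lu, got: %lu",`. The surrounding test loop starts and ends outside the hunk.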
* Final sanity checks. We're still sloppy, allowing bare numerical
* network addresses instead of requiring proper [ipaddress] forms.
*/
- if (*host != def_host
+ if (*host != def_host
&& !valid_utf8_hostname(util_utf8_enable, *host, DONT_GRIPE)
&& !valid_hostaddr(*host, DONT_GRIPE))
return ("valid hostname or network address required");
/* inet_addr_sizes - get address size metrics for address family */
-const INET_ADDR_SIZES *inet_addr_sizes(int af)
+const INET_ADDR_SIZES *inet_addr_sizes(int af)
{
- const INET_ADDR_SIZES *sp;
+ const INET_ADDR_SIZES *sp;
for (sp = table; /* see below */ ; sp++) {
if (sp >= table + sizeof(table) / sizeof(*table))
errno = EADDRNOTAVAIL; /* for up-stream "%m" */
return (-1);
}
-
proto_info = inet_proto_info();
for (sock = -1, found = 0, res = res0; res != 0; res = res->ai_next) {
/*
* External interface.
*/
-typedef void (*LOAD_FILE_FN)(VSTREAM *, void *);
+typedef void (*LOAD_FILE_FN) (VSTREAM *, void *);
extern void load_file(const char *, LOAD_FILE_FN, void *);
/* NULL name terminates list */
typedef struct LIB_FN {
const char *name;
- void (*fptr)(void);
+ void (*fptr) (void);
} LIB_FN;
typedef struct LIB_DP {
const char *name;
- void *dptr;
+ void *dptr;
} LIB_DP;
extern void load_library_symbols(const char *, LIB_FN *, LIB_DP *);
MAC_EXP_OP_RES_TRUE,
MAC_EXP_OP_RES_FALSE,
MAC_EXP_OP_RES_ERROR,
-} MAC_EXP_OP_RES;
+} MAC_EXP_OP_RES;
extern MAC_EXP_OP_RES mac_exp_op_res_bool[2];
#define MAC_EXP_MODE_USE (1)
typedef const char *(*MAC_EXP_LOOKUP_FN) (const char *, int, void *);
-typedef MAC_EXP_OP_RES (*MAC_EXPAND_RELOP_FN) (const char *, int, const char *);
+typedef MAC_EXP_OP_RES(*MAC_EXPAND_RELOP_FN) (const char *, int, const char *);
extern int mac_expand(VSTRING *, const char *, int, const char *, MAC_EXP_LOOKUP_FN, void *);
void mac_expand_add_relop(int *, const char *, MAC_EXPAND_RELOP_FN);
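Review bot: The reformatted `typedef MAC_EXP_OP_RES(*MAC_EXPAND_RELOP_FN) (...)` now reads like a call to `MAC_EXP_OP_RES`, which is harder to scan than the removed line and differs from the neighbouring `typedef const char *(*MAC_EXP_LOOKUP_FN) (...)`. This looks like the formatter not recognising `MAC_EXP_OP_RES` as a type name. The same effect probably explains `struct sigaction * act, struct sigaction * oact` in the later sigaction hunk, while `const LONG_NAME_MASK *table` elsewhere in this commit was corrected the other way. Registering the type with the formatter and re-running it should restore `typedef MAC_EXP_OP_RES (*MAC_EXPAND_RELOP_FN) (const char *, int, const char *);`.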
extern int midna_domain_cache_size;
extern int midna_domain_transitional;
+
/* LICENSE
/* .ad
/* .fi
/* This is a dummy module, since CDB has all the functionality
* built-in, as cdb creation requires one global lock anyway. */
-MKMAP *mkmap_cdb_open(const char *unused_path)
+MKMAP *mkmap_cdb_open(const char *unused_path)
{
MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
+
mkmap->open = dict_cdb_open;
mkmap->after_open = 0;
mkmap->after_close = 0;
return (mkmap);
}
-#endif /* HAS_CDB */
+#endif /* HAS_CDB */
/* mvect_alloc - allocate memory vector */
char *mvect_alloc(MVECT *vect, ssize_t elsize, ssize_t nelm,
- void (*init_fn) (char *, ssize_t), void (*wipe_fn) (char *, ssize_t))
+ void (*init_fn) (char *, ssize_t), void (*wipe_fn) (char *, ssize_t))
{
vect->init_fn = init_fn;
vect->wipe_fn = wipe_fn;
* they suggest that space for the null terminator is not included.
*/
#ifdef HAS_IPV6
-# define MAI_HOSTADDR_STRSIZE INET6_ADDRSTRLEN
+#define MAI_HOSTADDR_STRSIZE INET6_ADDRSTRLEN
#else
-# ifndef INET_ADDRSTRLEN
-# define INET_ADDRSTRLEN 16
-# endif
-# define MAI_HOSTADDR_STRSIZE INET_ADDRSTRLEN
+#ifndef INET_ADDRSTRLEN
+#define INET_ADDRSTRLEN 16
+#endif
+#define MAI_HOSTADDR_STRSIZE INET_ADDRSTRLEN
#endif
#define MAI_HOSTNAME_STRSIZE 1025
/* long_name_mask_delim_opt - compute mask corresponding to list of names */
long long_name_mask_delim_opt(const char *context,
- const LONG_NAME_MASK * table,
+ const LONG_NAME_MASK *table,
const char *names, const char *delim,
int flags)
{
/* str_long_name_mask_opt - mask to string */
const char *str_long_name_mask_opt(VSTRING *buf, const char *context,
- const LONG_NAME_MASK * table,
+ const LONG_NAME_MASK *table,
long mask, int flags)
{
const char *myname = "name_mask";
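Review bot: Inside `str_long_name_mask_opt()` the diagnostic name is set with `const char *myname = "name_mask";`, so any message built from `myname` would name a different function than the one that failed. How `myname` is used is not visible, because the body continues outside the hunk. If it feeds panic or warning text, `const char *myname = "str_long_name_mask_opt";` would make log triage unambiguous.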
{
#ifdef RLIMIT_NOFILE
struct rlimit rl;
+
#endif
if (limit < 0) {
return (getdtablesize());
#endif
}
-
#include <sys_defs.h>
#ifdef NO_INLINE
-#define inline /* */
+#define inline /* */
#endif
/* parse_utf8_char - parse and validate one UTF8 multibyte sequence */
}
}
-#undef inline
+#undef inline
int sigprocmask(int how, sigset_t *set, sigset_t *old)
{
- int previous;
+ int previous;
if (how == SIG_BLOCK)
previous = sigblock(*set);
actions[signum].sa_handler(signum);
}
-int sigaction(int sig, struct sigaction *act, struct sigaction *oact)
+int sigaction(int sig, struct sigaction * act, struct sigaction * oact)
{
static int initialized = 0;
/* #include <sane_strtol.h>
/*
/* long sane_strtol(
-/* const char *start,
-/* char **restrict end,
+/* const char *start,
+/* char **restrict end,
/* int base)
/*
/* unsigned long sane_strtoul(
/* effective group id.
/*
/* SAVE_AND_SET_EUGID() opens a block that executes with the
-/* specified privilege. RESTORE_SAVED_EUGID() closes the block.
+/* specified privilege. RESTORE_SAVED_EUGID() closes the block.
/* DIAGNOSTICS
/* All system call errors are fatal.
/* SEE ALSO
* closest thing that C has to exception handling). The application is then
* expected to repeat the bulk transaction from scratch.
*
- * When any code aborts a bulk transaction, it must reset slmdb->txn to null
- * to avoid a use-after-free problem in slmdb_close().
+ * When any code aborts a bulk transaction, it must reset slmdb->txn to null to
+ * avoid a use-after-free problem in slmdb_close().
*/
/*
/* address family and length of the real structure that hides
/* inside a generic sockaddr structure. On systems where struct
/* sockaddr has no sa_len member, SOCK_ADDR_LEN() cannot be
-/* used as lvalue. SOCKADDR_ADDRP() returns a pointer to the
+/* used as lvalue. SOCKADDR_ADDRP() returns a pointer to the
/* IPv4 or IPv6 address. SOCK_ADDR_PORT() returns the IPv4 or IPv6
/* port number, in network byte order; it must not be used as
/* lvalue. SOCK_ADDR_PORTP() returns a pointer to the same.
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)strcasecmp.c 8.1 (Berkeley) 6/4/93";
+
#endif /* LIBC_SCCS and not lint */
#include <sys_defs.h>
*/
return (pair[0]);
#else
- msg_fatal("stream connections are not implemented");
+ msg_fatal("stream connections are not implemented");
#endif
}
return (-1);
return (fdinfo.fd);
#else
- msg_fatal("stream connections are not implemented");
+ msg_fatal("stream connections are not implemented");
#endif
}
msg_fatal("close server fd");
return (0);
}
+
#else
int main(int argc, char **argv)
{
return (0);
}
+
#endif
int unix_dgram_connect(const char *path, int block_mode)
{
const char myname[] = "unix_dgram_connect";
+
#undef sun
struct sockaddr_un sun;
ssize_t path_len;
int unix_dgram_listen(const char *path, int block_mode)
{
const char myname[] = "unix_dgram_listen";
+
#undef sun
struct sockaddr_un sun;
ssize_t path_len;
*/
if ((sock = socket(AF_UNIX, SOCK_DGRAM, 0)) < 0)
msg_fatal("%s: socket: %m", myname);
- if (unlink(path) < 0 && errno != ENOENT)
- msg_fatal( "remove %s: %m", path);
- if (bind(sock, (struct sockaddr *) & sun, sizeof(sun)) < 0)
- msg_fatal( "bind: %s: %m", path);
+ if (unlink(path) < 0 && errno != ENOENT)
+ msg_fatal("remove %s: %m", path);
+ if (bind(sock, (struct sockaddr *) &sun, sizeof(sun)) < 0)
+ msg_fatal("bind: %s: %m", path);
#ifdef FCHMOD_UNIX_SOCKETS
if (fchmod(sock, 0666) < 0)
- msg_fatal("fchmod socket %s: %m", path);
+ msg_fatal("fchmod socket %s: %m", path);
#else
if (chmod(path, 0666) < 0)
- msg_fatal("chmod socket %s: %m", path);
+ msg_fatal("chmod socket %s: %m", path);
#endif
non_blocking(sock, block_mode);
return (sock);
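Review bot: The `#else` branch applies `chmod(path, 0666)` to the pathname after `bind()`, while the `FCHMOD_UNIX_SOCKETS` branch acts on the descriptor. Together with the earlier `unlink(path)`, this is only sound when the directory holding `path` is not writable by untrusted users, and nothing in the hunk states that precondition. I would add a comment before the `unlink()` call such as `/* unlink/bind/chmod act on the pathname: the parent directory must not be writable by untrusted users. */`. Whether callers guarantee this is not visible here, so it is an assumption to confirm. The function begins outside the hunk.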
int vbuf_get(VBUF *bp)
{
return (bp->get_ready(bp) ?
- ((bp->flags |= VBUF_FLAG_EOF), VBUF_EOF) : VBUF_GET(bp));
+ ((bp->flags |= VBUF_FLAG_EOF), VBUF_EOF) : VBUF_GET(bp));
}
/* vbuf_put - handle write buffer full condition */